BytesAgain is a curated directory of 60,000+ AI agent skills from ClawHub, GitHub, LobeHub, and Dify. Search skills by keyword in 7 languages, browse by role (developer, creator, trader, marketer) or by use case.

How do I find AI skills on BytesAgain?

Use the search bar on BytesAgain.com to search by keyword in 7 languages. You can also browse by role (developer, creator, trader, marketer) or by use case. Each skill shows install instructions for Claude, Cursor, OpenClaw, Continue, and more.

Yes, BytesAgain is completely free. No registration required for searching skills. The MCP API is also free with rate limits.

Does BytesAgain have an API for AI agents?

Yes! BytesAgain provides a free MCP SSE endpoint at /api/mcp/sse for AI agents, plus a REST API at /api/mcp?action=search&q= . No authentication needed.

Can I request a new AI skill on BytesAgain?

Yes! Visit the Requests page on BytesAgain.com to submit a skill request. Your request will be visible to the community and notified to the site admin.

🦀 ClawHub

Skylv Agent Constitution Guard

by @sky-lv

Constitutional guardrails for AI agents — define immutable behavioral rules, permission boundaries, escalation policies, and safety interlocks that prevent a...

Versionv1.0.0

Downloads210

Installs1

#crypto-defi #legal

View on ClawHub →

TERMINAL

clawhub install skylv-agent-constitution-guard

📖 About This Skill

description: Constitutional guardrails for AI agents — define immutable behavioral rules, permission boundaries, escalation policies, and safety interlocks that prevent agents from exceeding authorized scope regardless of context or pressure keywords: openclaw, skill, automation, ai-agent, constitution, guardrail, safety, permission, boundary, behavioral-constraint, escalation, audit-trail, compliance, guard, restrict, deny, allow, policy name: agent-constitution-guard triggers: agent constitution, guardrail, permission guard, safety rule, behavioral constraint, boundary check, escalation policy, agent safety, immutable rule, compliance guard

agent-constitution-guard

> Constitutional guardrails for AI agents — define immutable behavioral rules, permission boundaries, escalation policies, and safety interlocks that agents cannot override regardless of context or user pressure.

Skill Metadata

Slug: agent-constitution-guard

Version: 1.1.0

Author: SKY-lv

Description: Production-grade constitutional guardrails system for AI agents. Define immutable behavioral rules, multi-level permission boundaries, human escalation policies, safety interlocks, and comprehensive audit trails. Agents must obey these rules regardless of context, prompt injection, or social engineering attempts.

Category: safety

License: MIT

Trigger Keywords: constitution, guardrail, permission guard, safety rule, behavioral constraint, boundary check, escalation policy, agent safety, immutable rule, compliance guard, red line, permission boundary

Why This Matters

AI agents with access to files, APIs, and external systems need enforceable boundaries. Without constitutional guardrails:

An agent could delete production databases responding to a misleading prompt

An agent could exfiltrate sensitive data to external endpoints

An agent could spend thousands of dollars on API calls without oversight

An agent could modify system files, breaking the host environment

This skill provides enforceable, auditable, multi-layered protection.

Architecture

\\\┌─────────────────────────────────────┐ │ AGENT ACTION REQUEST │ └──────────────────┬──────────────────┘ │ ▼ ┌─────────────────────────────────────┐ │ Layer 1: IMMUTABLE CHECK │ ← Cannot be overridden by anyone │ (Hard safety boundaries) │ └──────────────────┬──────────────────┘ │ PASS ▼ ┌─────────────────────────────────────┐ │ Layer 2: POLICY ENGINE │ ← Rule-based permission checks │ (Context-aware rules) │ └──────────────────┬──────────────────┘ │ PASS ▼ ┌─────────────────────────────────────┐ │ Layer 3: ESCALATION │ ← Human approval for sensitive ops │ (Owner confirmation) │ └──────────────────┬──────────────────┘ │ APPROVED ▼ ┌─────────────────────────────────────┐ │ Layer 4: AUDIT LOG │ ← Every check is recorded │ (Immutable audit trail) │ └─────────────────────────────────────┘ \\\

Step-by-Step Usage

Step 1: Initialize Constitution

\\\

bash
node constitution.js init --name "my-agent" --owner "admin@company.com"
\

\\ Creates .constitution/ directory with default rules and audit log.

Step 2: Add Rules

\\\

bash
Immutable rule: never call external APIs without confirmation
node constitution.js rule add \
  --level immutable \
  --action deny \
  --scope "external_write" \
  --description "Never write to external APIs without owner confirmation" \
  --escalation owner
Owner-only rule: can modify workspace files
node constitution.js rule add \
  --level owner-only \
  --action allow \
  --scope "workspace_write" \
  --description "Can write files within workspace directory"
Mutable rule: can read any file
node constitution.js rule add \
  --level mutable \
  --action allow \
  --scope "file_read" \
  --description "Read any local file"
\

\\

Step 3: Check Permissions Before Action

\\\

javascript
const guard = require('./constitution.js');
// Check if an action is allowed
const decision = guard.check('external_write', {
  target: 'https://api.stripe.com/charges',
  payload: { amount: 9999 },
  userId: 'user-123'
});

console.log(decision); // { // allowed: false, // layer: 'immutable', // rule: 'R001', // reason: 'External write requires owner confirmation', // escalation: 'owner', // escalationMessage: 'Agent wants to POST to https://api.stripe.com/charges. Approve?' // } \\\

Step 4: Handle Escalation

\\\

javascript
if (!decision.allowed && decision.escalation) {
  // Send escalation request to owner
  const approved = await guard.escalate(decision, {
    channel: 'webhook', // or 'email', 'slack', 'console'
    timeout: 300000,     // 5 min timeout
    details: decision.escalationMessage
  });
  
  if (approved) {
    await executeAction();
  }
}
\

\\

Step 5: Review Audit Trail

\\\

bash
View all decisions in last 24 hours
node constitution.js audit --last 24h
View only denied actions
node constitution.js audit --status denied
View audit for specific scope
node constitution.js audit --scope external_write
Export for compliance reporting
node constitution.js audit --export csv --output audit_2024_Q1.csv
\

\\

Rule Levels Explained

| Level | Who Can Modify | Override | Use Case | |-------|---------------|----------|----------| | Immutable | Nobody | Never | Delete production, external network access, credential access | | Owner-only | Agent owner only | Never | Deploy to production, modify billing, send emails | | Mutable | Agent (within bounds) | Self-adjust | File read paths, log verbosity, cache settings | | Advisory | Anyone | Always | Performance hints, optimization suggestions |

Real-World Examples

Example 1: Production Database Protection

\\\

json
{
  "id": "DB-PROTECT",
  "level": "immutable",
  "action": "deny",
  "scope": ["database_delete", "database_drop", "database_truncate"],
  "description": "Never delete, drop, or truncate any production database",
  "conditions": {
    "environment": ["production", "prod"]
  }
}
\

\\

Example 2: Cost Control ($100/day API budget)

\\\

json
{
  "id": "COST-GUARD",
  "level": "owner-only",
  "action": "allow",
  "scope": "external_api_call",
  "description": "Allow external API calls within daily budget",
  "limits": {
    "maxDailyCost": 100,
    "maxCostPerCall": 10
  },
  "escalation": "owner"
}
\

\\

Example 3: Data Privacy (GDPR Compliance)

\\\

json
{
  "id": "GDPR-GUARD",
  "level": "immutable",
  "action": "deny",
  "scope": ["data_export", "data_share"],
  "description": "Never export or share PII data without legal approval",
  "conditions": {
    "dataTypes": ["email", "phone", "ssn", "address", "financial"]
  }
}
\

\\

Configuration Reference

\\\json { "constitution": { "version": "1.0", "agent": "my-agent", "owner": "admin@company.com", "defaults": { "denyAction": "block", "logLevel": "all", "escalationTimeout": 300000 }, "layers": { "immutable": { "enabled": true, "log": true }, "policy": { "enabled": true, "log": true }, "escalation": { "enabled": true, "channels": ["console"] }, "audit": { "enabled": true, "retention": "90d" } } } } \\\

Integration Patterns

Pattern 1: Middleware for Express/Fastify

\\\

javascript
app.use(async (req, res, next) => {
  const decision = guard.check('external_write', { method: req.method, url: req.url });
  if (!decision.allowed) return res.status(403).json(decision);
  next();
});
\

\\

Pattern 2: OpenClaw Skill Wrapper

\\\

javascript
// Before executing any tool call:
const toolGuard = guard.checkForTool(toolName, toolParams);
if (!toolGuard.allowed) {
  if (toolGuard.escalation === 'owner') {
    // Ask OpenClaw to prompt user for approval
  }
  return { blocked: true, reason: toolGuard.reason };
}
\

\\

Pattern 3: CI/CD Pipeline Gate

\\\

bash
In your deployment pipeline:
node constitution.js ci-check --env production --strict
Exit code 0 = safe to deploy, 1 = violations found
\

\\